From owner-freebsd-questions  Fri Jul  6 11:14:57 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from freeze.org (www.stelesys.com [208.177.187.226])
	by hub.freebsd.org (Postfix) with ESMTP id 1FD8037B405
	for <freebsd-questions@FreeBSD.ORG>; Fri,  6 Jul 2001 11:14:53 -0700 (PDT)
	(envelope-from jim@freeze.org)
Received: (from jim@localhost)
	by freeze.org (8.11.3/8.11.2) id f66IEa264362;
	Fri, 6 Jul 2001 14:14:36 -0400 (EDT)
	(envelope-from jim)
X-Authentication-Warning: www.stelesys.com: Processed from queue /var/spool/alt_queue
X-Authentication-Warning: www.stelesys.com: Processed by jim with -C /web/siteinfo/freeze/mail/sendmail.cf
Date: Fri, 6 Jul 2001 14:14:35 -0400 (EDT)
From: Jim Freeze <jim@freeze.org>
X-X-Sender:  <jim@www.stelesys.com>
To: Mark Kobussen <kobes@usermail.com>
Cc: <freebsd-questions@FreeBSD.ORG>
Subject: Re: IPFW/NATD or Cable Modem Trouble??
In-Reply-To: <004001c10645$64f25e00$0201a8c0@goldenrod.net>
Message-ID: <Pine.BSF.4.32.0107061408040.59818-100000@www.stelesys.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On Fri, 6 Jul 2001, Mark Kobussen wrote:

When I first got my cable modem, the service was sporatic, but
has been stable for months now.

I have a similar setup to yours, with a few differences:


> ed1 is connected to the hub
> ed2 is connected to the cable modem
>
> ----- Pertinent rc.conf Information
> gateway_enable="YES"
> hostname="marlborough "
> ifconfig_ed1="inet 192.168.1.1 netmask 255.255.255.0"
> ifconfig_ed2="DHCP"
> inetd_enable="YES"
> kern_securelevel_enable="NO"
> linux_enable="YES"
> moused_enable="YES"
> sendmail_enable="YES"
> gateway_enable="YES"
> sshd_enable="YES"
> portmap_enable="YES"
> firewall_enable="YES"
> firewall_script="/etc/firewall/fwrules"
> natd_enable="YES"
> natd_flags="-dynamic"
natd_flags="-l -d -s -m -u -dynamic -ned2"

> natd_interface="ed2"
>
> ----- Now follows is /etc/firewall/fwrules
> /sbin/ipfw -f flush
> /sbin/ipfw add 1000 pass all from 127.0.0.1 to 127.0.0.1
> /sbin/ipfw add 2000 divert natd all from any to any via ed2
> /sbin/ipfw add 6500 pass all from any to any

I also added the following to let DHCP through
    # Allow DHCP through
    ${fwcmd} add pass udp from any 68 to any 67 out via ${oif}
    ${fwcmd} add pass udp from any 67 to any 68 in  via ${oif}


And, do you have the following in /etc/dhclient.conf:

interface "ed2" {
        send host-name "<your isp provided hostname here>";
        request subnet-mask, broadcast-address, routers,\
domain-name-servers, domain-name, time-servers;
        require domain-name-servers;
        }

HTH
Jim


=========================================================
Jim Freeze
jim@freeze.org
---------------------------------------------------------
No comment at this time.
http://www.freeze.org
=========================================================


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message